Replayable evidence for everything your agents do
Your AI agent acts on behalf of users. Recalled records every action with actor.type set to 'agent', a hash chain and an HMAC signature, plus the conversation id and the user who triggered it. When the agent gets it wrong, you have a forensic trail.
AI agents now click buttons, delete files, send emails, refund payments. They get it right 95% of the time. The 5% of misfires need to be explained, replayed, and undone. Without an audit log, you have a chat transcript at best, and no proof of what actually happened in the system.
Wrap every tool call with an event. Set actor.type to 'agent', actor.id to the model name, actor.name to your internal agent name. Put triggered_by_user, conversation_id, tool_call_id, reasoning, confidence and model in metadata. From this point, you can answer 'what did the agent do for user X yesterday' in one filter, replay any action by id, and prove cryptographically that the chain has not been tampered with.
// Inside the tool call your AI agent invoked:
await recalled.events.create({
action: "file.deleted",
actor: { type: "agent", id: "claude-sonnet-4.6", name: "Support Agent" },
organization: tenant.id,
targets: [{ type: "file", id: file.id }],
metadata: {
triggered_by_user: user.id,
conversation_id: conv.id,
tool_call_id: call.id,
reasoning: call.reasoning,
model: "claude-sonnet-4.6",
},
});Why teams audit their AI agents on Recalled
- Same SDK, just actor.type
Nothing new to install. Set actor.type to 'agent' on the events you already log, the dashboard filters and search just work.
- Conversation level traceability
metadata.conversation_id ties every action back to the chat that produced it. Click an event, jump to the full transcript context.
- Triggered_by_user attribution
An agent never acts in isolation. Recalled lets you filter by metadata.triggered_by_user to see all actions taken in someone's name, agent or human.
- Receipts anyone can verify
Every event ships with a public receipt URL. The agent pastes the link in its reply, your support team forwards it to a customer who disputes the action, the user clicks, sees the green Verified banner, no API key needed.
Related use cases
Every Recalled event ships with a portable receipt: a JSON object plus a public webpage URL. Send it to a customer who disputes an action, attach it to a support ticket, paste it in a Slack reply, or let your AI agent cite it. The recipient clicks, sees the action, the timestamp and a green Verified banner, with no Recalled account or API key required.
Log every sensitive action taken by a staff member from your back-office: suspensions, refunds, impersonations, role changes. Answer 'who did this and when' before anyone has to ask.
SOC 2 and ISO 27001 both require an immutable record of sensitive actions. Recalled emits hash-chained, signed events so your auditor can verify integrity without trusting your database.
Your next audit log is 2 minutes away
Stop hacking on your own logs table. Drop in Recalled, send your first event, move on.